[exim-dev] [Bug 2848] New: Integer overflow in receive_add_…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
admin at ->
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2848] New: Integer overflow in receive_add_recipient() (CVE-2020-28017)
https://bugs.exim.org/show_bug.cgi?id=2848 

            Bug ID: 2848
           Summary: Integer overflow in receive_add_recipient()
                    (CVE-2020-28017)
           Product: Exim
           Version: 4.92
          Hardware: All
                OS: All
            Status: NEW
          Severity: wishlist
          Priority: low
         Component: Mail Receipt
          Assignee: unallocated@???
          Reporter: mehmetgelivin@???
                CC: exim-dev@???
             Group: exim-security


Exim 4 before 4.94.2 allows Integer Overflow to Buffer Overflow in
receive_add_recipient via an e-mail message with fifty million recipients.
NOTE: remote exploitation may be difficult because of resource consumption.

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 2847] New: The login selector what checs[exim-dev] [Bug 2848] Integer overflow in receive_add_recipient() (CVE-2020-28017)->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)